Overview

overview

10

Static

static

3

JaffaCakes...e6.exe

windows7-x64

10

JaffaCakes...e6.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_07e0e88f74ca552229bcf27fba0103e6

  • Size

    772KB

  • Sample

    250121-125tdatphn

  • MD5

    07e0e88f74ca552229bcf27fba0103e6

  • SHA1

    23e6152650fc5f418ae48d72e8e4c67748b7edf2

  • SHA256

    3947007db1f447df87934237b0393480558b906ce696a18ea36ef9c9b323b691

  • SHA512

    56f38aa8b912e3b0d32f9e4bfa1d5787425e93355d70554750ca1bbead2032705003dcced19cbce070b6da6bbb6d1e6e737a66afc2686c2d4cd0b4567ddbdb2d

  • SSDEEP

    12288:Cab1PMmvsD5jqrGfruP1N1j2i3hLJ4LdEDSYW30RKla9JMV6pZW:f1JJiTmN1yi3hLJM1hna9lZW

Score
10/10
darkcometdiscoveryrattrojan

Malware Config

Targets

    • Target

      JaffaCakes118_07e0e88f74ca552229bcf27fba0103e6

    • Size

      772KB

    • MD5

      07e0e88f74ca552229bcf27fba0103e6

    • SHA1

      23e6152650fc5f418ae48d72e8e4c67748b7edf2

    • SHA256

      3947007db1f447df87934237b0393480558b906ce696a18ea36ef9c9b323b691

    • SHA512

      56f38aa8b912e3b0d32f9e4bfa1d5787425e93355d70554750ca1bbead2032705003dcced19cbce070b6da6bbb6d1e6e737a66afc2686c2d4cd0b4567ddbdb2d

    • SSDEEP

      12288:Cab1PMmvsD5jqrGfruP1N1j2i3hLJ4LdEDSYW30RKla9JMV6pZW:f1JJiTmN1yi3hLJM1hna9lZW

    Score
    10/10
    darkcometdiscoveryrattrojan

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet

    • Darkcomet family

      darkcomet

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks